Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft
File: 2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft (raw, json)
Hash identifier: vbZY1Gh23vrJIdNIdyCDuxMZ0VH+47aNzP59Vg+tKdo=
Subject key identifier: 86:40:63:9E:BF:A7:F4:60:62:96:25:68:3F:05:54:79:18:73:13:6B
Authority key identifier: D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1
Certificate issuer: /CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1
Certificate serial: 0199FEEBB00F54D628EDBEA1BE247B5822F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft
Manifest number: 0DD6
Signing time: Mon 20 Oct 2025 00:01:22 +0000
Manifest this update: Mon 20 Oct 2025 00:01:22 +0000
Manifest next update: Tue 21 Oct 2025 00:01:22 +0000
Files and hashes: 1: 2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl (hash: y/sFw+iG3q7ReW/jlcahQTdt5YmZqId8N9Qlg1z9T2Q=)
2: wUSVu8lDNfoUWdaRO2jsDgRSmsg.roa (hash: A2CVwSparFGjp8/uMP7BcSnzpGUx0FpocYCZqqW30C8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:eb:b0:0f:54:d6:28:ed:be:a1:be:24:7b:58:22:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1
Validity
Not Before: Oct 20 00:01:22 2025 GMT
Not After : Oct 21 00:01:22 2025 GMT
Subject: CN=8640639ebfa7f460629625683f0554791873136b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b0:17:4e:35:a2:26:b2:27:c2:1f:86:12:f2:
62:b2:53:99:af:b4:23:5f:16:28:3c:ee:ce:14:49:
cb:0c:16:da:31:d7:b8:26:17:82:67:be:19:d0:a8:
55:35:51:92:c4:48:22:31:79:ec:b9:2d:fa:65:7a:
ab:1d:9d:fd:d6:e6:f9:b6:89:e4:fc:4e:eb:fb:1a:
3e:6c:92:66:75:51:f9:45:cc:3a:05:82:23:44:91:
cd:d3:5c:ba:01:63:70:de:c5:5c:d5:b7:7b:9b:b8:
52:43:42:72:ec:32:9e:20:73:ca:64:99:80:42:62:
75:fe:0d:d4:63:83:e0:12:5c:e3:c4:6f:22:87:38:
8b:79:81:d1:80:71:67:f9:b8:6a:d1:4a:b2:4c:c4:
1c:5f:b8:ac:ca:2d:a0:a6:42:f9:49:cd:05:cd:d5:
82:b9:4d:30:a9:a7:80:92:11:9a:fe:fd:4a:bb:8d:
e6:c8:2c:f5:2e:36:83:f7:80:ea:5e:a4:d8:0e:33:
57:af:5f:61:86:ec:ea:60:f0:27:14:4a:19:72:af:
ce:5d:f1:a6:18:c0:00:cb:86:4a:89:7e:80:d5:54:
b9:a1:aa:81:33:da:97:90:a0:f6:54:8e:fc:58:fe:
90:b7:ea:38:d8:d6:bc:0d:d3:02:e2:47:2e:15:4a:
84:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:40:63:9E:BF:A7:F4:60:62:96:25:68:3F:05:54:79:18:73:13:6B
X509v3 Authority Key Identifier:
keyid:D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:4c:f6:51:7e:ef:ce:28:eb:60:9b:2a:b4:6a:e9:a9:37:61:
1b:33:b4:a5:44:ff:e3:d9:5a:31:71:6c:54:5f:d1:46:d0:5e:
95:a6:cd:06:cd:90:43:1a:2d:e1:29:a5:df:93:c8:80:c4:c9:
23:de:66:53:d5:98:87:78:6d:76:bd:cc:16:d2:12:fb:2c:20:
b2:f8:36:81:a9:2d:5b:b3:e8:c3:bf:f6:28:00:33:d4:b1:9c:
d1:be:1d:7f:3d:16:ab:53:08:cf:e8:a9:c4:39:7b:4f:29:f3:
e7:87:f8:d8:b3:e4:33:9c:a1:2b:1f:8d:31:87:44:3b:22:4c:
4b:9a:b7:39:24:2a:33:21:5a:48:ac:18:d8:de:4b:2c:70:98:
5d:40:45:5e:e4:16:ad:2d:45:e2:83:34:14:ab:a0:98:31:1d:
e3:cb:0b:43:71:81:b6:df:79:ef:ed:39:6f:23:93:da:21:66:
53:ab:33:73:39:e4:fa:4f:c8:fd:ac:b1:d4:ea:b4:d1:f2:ad:
fa:35:47:75:03:8f:28:16:fb:8d:1b:f6:0d:fb:6f:78:e8:93:
d6:4d:ac:68:cd:07:f7:74:46:1f:43:e0:f2:85:71:d5:89:8a:
e7:72:fa:d3:39:27:97:eb:73:94:53:51:6f:15:70:02:30:5d:
01:2e:97:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+67APVNYo7b6hviR7WCL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzIwYmQ0ZWY4NThmZDYyYmIyNDg1ZDA4YjBhODY5MjBl
OTExYzEwHhcNMjUxMDIwMDAwMTIyWhcNMjUxMDIxMDAwMTIyWjAzMTEwLwYDVQQD
Eyg4NjQwNjM5ZWJmYTdmNDYwNjI5NjI1NjgzZjA1NTQ3OTE4NzMxMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbAXTjWiJrInwh+GEvJislOZr7Qj
XxYoPO7OFEnLDBbaMde4JheCZ74Z0KhVNVGSxEgiMXnsuS36ZXqrHZ391ub5tonk
/E7r+xo+bJJmdVH5Rcw6BYIjRJHN01y6AWNw3sVc1bd7m7hSQ0Jy7DKeIHPKZJmA
QmJ1/g3UY4PgElzjxG8ihziLeYHRgHFn+bhq0UqyTMQcX7isyi2gpkL5Sc0FzdWC
uU0wqaeAkhGa/v1Ku43myCz1LjaD94DqXqTYDjNXr19hhuzqYPAnFEoZcq/OXfGm
GMAAy4ZKiX6A1VS5oaqBM9qXkKD2VI78WP6Qt+o42Na8DdMC4kcuFUqEKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZAY56/p/RgYpYlaD8FVHkYcxNrMB8GA1UdIwQY
MBaAFNgyC9TvhY/WK7JIXQiwqGkg6RHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEt
M2EwZmFhMjhiNWFjLzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEtM2EwZmFhMjhiNWFj
LzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJkz2UX7v
zijrYJsqtGrpqTdhGzO0pUT/49laMXFsVF/RRtBelabNBs2QQxot4Sml35PIgMTJ
I95mU9WYh3htdr3MFtIS+ywgsvg2gaktW7Pow7/2KAAz1LGc0b4dfz0Wq1MIz+ip
xDl7Tynz54f42LPkM5yhKx+NMYdEOyJMS5q3OSQqMyFaSKwY2N5LLHCYXUBFXuQW
rS1F4oM0FKugmDEd48sLQ3GBtt957+05byOT2iFmU6szcznk+k/I/ayx1Oq00fKt
+jVHdQOPKBb7jRv2DftveOiT1k2saM0H93RGH0Pg8oVx1YmK53L60zknl+tzlFNR
bxVwAjBdAS6XaQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:44:25 2025 by rpki-client